Sant: Static Analysis of Native Threads For Security Vetting of Android Applications

Most of the current research on static analysis of android applications for security vetting either works on java source code or the dalvik bytecode. nevertheless, android allows developers to use c or c++ code in their programs compiled into various binary architectures. moreover, java and the native code components (c or c++) can collaborate using the java native interface. recent research shows that native codes are frequently used in both benign and malicious android applications. most of the present android static analysis tools avert considering native codes in their analysis and applied trivial models for their data-flow analysis. as we know, only the open-source jn-saf tool has tried to solve this issue statically. however, there are still challenges like libc functions and multi-threading in native codes that we want to address in this work. we presented sant as an extension of jn-saf for supporting static analysis of native threads. we considered modeling libc functions in our data-flow analysis to have a more precise analysis when dealing with security vetting of native codes. we also used control flow and data dependence graphs in sant to handle multiple concurrent threads and find implicit data-flow between them. our experiments show that the conducted improvements outperform jn-saf in real-world benchmark applications.